a1ext / labeless

Labeless is a multipurpose IDA Pro plugin system for labels/comments synchronization with a debugger backend, with complex memory dumping and interactive Python scripting capabilities.
Other
514 stars 82 forks source link

The IDA7.0 plug-in test version, error #34

Closed nihuai closed 6 years ago

nihuai commented 7 years ago

@a1ext Debug 32 bit programs in 64-bit IDA7.0(ida.exe): Just tested, ida7.0 prompts the connection to fail, but does not affect the use. It's a strange question, and I almost give up using it

new problem: Debug 64 bit programs in 64-bit IDA7.0(ida64.exe): prompts connection failure,Click hand sync. No response,The program card to death

Debug 32 bit programs in 64-bit IDA7.0(ida64.exe): prompts connection failure,Click hand sync. Log prompt Received data, but not displayed

a1ext commented 7 years ago

@nihuai Could you explain the problem? I don't understand it.

nihuai commented 7 years ago

@a1ext The IDA7.0 directory has two executable files: ida. exe and ida64.exe. I used ida. exe and x32dbg to synchronize 32-bit programs. Find that connection failures can also be synchronized, and manually clicking is ok. image

image

However, I use ida64. exe to debug 32-bit or 64-bit programs, which can cause problems. image

image

nihuai commented 7 years ago

Unable to upload images, I copied the code:That is, receiving data but not showing it 00401000 | push ctf2017_fpc.41B06C 00401005 | call ctf2017_fpc.413D42 0040100A | add esp,4 0040100D | mov dword ptr ds:[41B034],2 00401017 | call ctf2017_fpc.401050 0040101C | call ctf2017_fpc.401090 00401021 | call ctf2017_fpc.4010E0 00401026 | mov eax,dword ptr ds:[41B034] 0040102B | test eax,eax 0040102D | jne ctf2017_fpc.40103F 0040102F | push ctf2017_fpc.41B05C 00401034 | call ctf2017_fpc.413D42 00401039 | add esp,4 0040103C | xor eax,eax 0040103E | ret

nihuai commented 7 years ago

Below is the 64-bit application I used with ida64. exe:It's stuck image

a1ext commented 7 years ago

Could you show me the full log from x64dbg?

nihuai commented 7 years ago

ida64.exe and x32dbg.exe screenshot.zip log.zip

ida64.exe and x64dbg.exe:The IDA window is unresponsive while synchronizing

a1ext commented 7 years ago

Hi @nihuai, I found the problem - x64dbgpy plugin. When it is installed, the Labeless behaves strange

a1ext commented 7 years ago

Comments aren't visible in the "Comments" view because I do sync with manual=False flag, so I think need to make this configurable.

a1ext commented 7 years ago

What about version check - it conflicts with x64dbgpy's x64dbgpy.hooks.OutputHook implementation, it doesn't call self.__original_stream so any output to stdout/stderr isn't visible to Labeless

nihuai commented 7 years ago

Ok, when will ida7.0 plug-in be officially released?

a1ext commented 7 years ago

There is big solution refactoring and need to fix few issues. I think, I will release it step-by-step like beta versions, etc. The worst case is by the end of November.

nihuai commented 6 years ago

@a1ext I recommend the latest version of x64dbg,It improved a lot from two months ago

a1ext commented 6 years ago

Hi @nihuai, IDA7 plugins released

PwndDepot commented 6 years ago

@a1ext I can't seem to find the compiled binary for ida7, is it released as well or just source?

a1ext commented 6 years ago

@PwndDepot It is there, in the release bundle (inside a folder IDA7X): image

a1ext commented 6 years ago

@PwndDepot Don't forget to install fresh python module, you have to uninstall the old one with pip:

pip uninstall labeless

and then answer y when it prompts to confirm

and then install the fresh one from PyPI:

pip install labeless

In case you don't have an Internet, you could install it manually. Download the release bundle and open a command shell inside that folder:

cd c:\labeless_release_full_1.1.2.48\deploy
python setup_protobuf.py
pip install labeless-1.1.2.48-py2.py3-none-any.whl
gkfnf commented 6 years ago

I just downloaded the latest release version. And figured out the folder IDA7X doesn't exist. There must be something wrong.

a1ext commented 6 years ago

@gkfnf You have to use this link 1.1.2.48 is the latest. You didn't see it because it is a pre-release.

gkfnf commented 6 years ago

I checked again. And I found that it's not the file's problem. It's the link's problem. the latest version on https://github.com/a1ext/labeless/latest. If I input this link in the explorer, it will auto jump to the https://github.com/a1ext/labeless/releases/tag/v_1_1_2_1. That's really weird.

gkfnf commented 6 years ago

And I just can't visit the right page

a1ext commented 6 years ago

@gkfnf currently it should work, could you check it?

gkfnf commented 6 years ago

And I found the point. It's my agent caused this problem. Once I shut down the agent. It works.

a1ext commented 6 years ago

@gkfnf I made the pre-release -> release change :) Now the old link must work